Weaknesses of type CWE-352
5,725 resultsCVE-2024-2969MEDIUMWP-Eggdrop <= 0.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2024-2748MEDIUMCSRF vulnerability was identified in GitHub Enterprise Server that allowed performing actions on behalf of a userEPSS 0.2%CVE-2025-48885MEDIUMapplication-urlshortener users can create arbitrary pages as long as they have view access to themEPSS 0.2%CVE-2024-13244HIGHMigrate Tools - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-008EPSS 0.2%CVE-2024-13250HIGHDrupal Symfony Mailer Lite - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-014EPSS 0.2%CVE-2024-52420MEDIUMWordPress Disable Admin Notices individually plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-12557MEDIUMTransporters.io <= 2.1.1 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-54359HIGHMISP automation endpoints may be exposed to CSRF when Sec-Fetch-Site protection is disabled by defaultEPSS 0.2%CVE-2024-3407MEDIUMWP Prayer <= 2.0.9 - Arbitrary Prayer Deletion via CSRFEPSS 0.2%CVE-2024-13284HIGHGutenberg - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-048EPSS 0.2%CVE-2026-6755MEDIUMMitigation bypass in the DOM: postMessage componentEPSS 0.2%CVE-2024-13260HIGHMigrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024EPSS 0.2%CVE-2024-32112MEDIUMWordPress Leadinfo plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-55920MEDIUMCross-Site Request Forgery in Dashboard Module in TYPO3EPSS 0.2%CVE-2024-22721MEDIUMCross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via crafted link.EPSS 0.2%CVE-2024-42792LOWA Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via /music/ajax.php?action=delete_playEPSS 0.2%CVE-2026-34228HIGHEmlog: CSRF in Backend Upgrade Interface Leading to Arbitrary Remote SQL Execution and Arbitrary File WriteEPSS 0.2%CVE-2024-55923MEDIUMCross-Site Request Forgery in Indexed Search Module in TYPO3EPSS 0.2%CVE-2025-24647MEDIUMWordPress WooCommerce Cloak Affiliate Links plugin <= 1.0.35 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43684HIGHCross-Site Request Forgery vulnerability in TimeProvider 4100EPSS 0.2%